IP Network Management ICT 138: Network Management and Security


Feb 23, 2016


corin

Transcript
Page 1: IP Network Management

IP Network Management

ICT 138: Network Management and Security

Page 2: IP Network Management

Lesson Overview

This lesson gives an overview of centralized and standardized techniques for remote management of the devices that make up a network. The term network management is used to cover all aspects of configuration, control, and reporting that are useful to a network operator who is trying to understand how a network is functioning, commissioning new equipment, directing traffic along specific paths, or performing maintenance on parts of the network.

Page 3: IP Network Management

Choosing to Manage Your Network

At some level all network devices require some management. Even the most simple devices have physical management needs as they are commissioned and connected to a power supply. But most devices need some form of configuration to tell them what role they are to play in the network and precisely how to behave.

Page 4: IP Network Management

Choosing to Manage Your Network

Even when autoconfiguration protocols like the Dynamic Host Configuration Protocol (DHCP) are used to dynamically assign IP addresses and to download basic configuration information, a network operator will still want to use management operations to inspect the devices to discover what addresses they are using.

Page 5: IP Network Management

Choosing to Manage Your Network

In practice, many network devices are complex, requiring a large number of configuration parameters. Many, if not most, of these parameters can usually use default values, but fine tuning may be necessary to ensure optimal functioning of the network, and that requires some form of management access to the device.

Page 6: IP Network Management

Choosing to Manage Your Network

Network management is an area in which most Internet service providers (ISPs) seem to struggle. The nature of their networks is constantly changing, and the market is continually driving them to provide new and different services. These changes put a strain on existing network management tools and require the ISPs to race to adapt their techniques to their customers’ requirements.

Page 7: IP Network Management

Choosing a Configuration Method

There are many ways to configure devices, from automatic configuration protocols such as BOOTP and DHCP, through command line interface and configuration files, to graphical user interfaces. These techniques may use a mixture of proprietary manufacturer information and techniques and standardized protocols and data formats. As will be shown in the next slides, there are benefits and disadvantages to using the vendor-specific approaches, but the standardized methods give a great benefit in providing a centralized and coherent view of the network.

Page 8: IP Network Management

Choosing a Configuration Method

Command Line Interfaces

The command line interface (CLI) is the easiest management tool for a manufacturer of network equipment to write.

A CLI is a set of text-based commands issued by the operator at a terminal. The commands have specific (sometimes complex and esoteric) syntaxes specified by the manufacturer and are very specific to the hardware being managed.

It should be noted that the one great benefit of a CLI is that it is easily able to give a very fine level of control over a device and allows a user to examine every last detail of the device’s operation. Debug commands are rarely available in any other form.

Page 9: IP Network Management

Choosing a Configuration Method

Graphical User Interfaces

Graphical user interfaces (GUIs) are a more user-friendly configuration tool. The operator does not need to remember a command language, but is led through a series of screens with spaces to fill in the necessary configuration information.

It is worth noting that despite the user-friendly aspects of a GUI, an experienced network operator or field engineer will often prefer to use the CLI. The CLI gives access to a finer level of control and a greater amount of information than the GUI, even if that information is not always formatted in the most readable way.

Page 10: IP Network Management

Choosing a Configuration Method

Standardized Data Representations and Access

Network managers dream of having a single application that they can use to manage their entire network. This application must be capable of controlling all of the devices in the network, and of collecting and integrating the information and statistics stored on each device. The advantages for the operator are a coherent view and a less complex management task because he or she doesn’t have to learn to speak the different command languages for the different equipment vendors and the different dialects for the different devices and models from the same vendor.

Three popular standards-based configuration techniques have emerged: CORBA, SNMP, and XML.

Page 11: IP Network Management

Choosing a Configuration Method

Making the choice between configuration methods may be constrained by what protocols and techniques are supported by the equipment in your network. At the worst, you will need to use the CLI on each piece of equipment, operating via Telnet and possibly with the use of a terminal server.

If standardized management protocol support is available there are many advantages to using it, but it should not be forgotten that there will often be more detail and flexibility available through proprietary configuration interfaces than are available through the standards. Nevertheless, except for the configuration of advanced features or for debugging, the benefits of a consolidated management system dictate the use of a standardized technique.

Page 12: IP Network Management

Management Information Base

One problem in the management of networks is deciding how the statistics and configuration data should be represented. Each device (switch, router, host, etc.) will have different configuration requirements and internal data structures according to its implementation.

Similarly, each network management tool will have different commands and management screens displaying and requiring subtly different pieces of information. Nevertheless, any two devices that perform the same function in the network (e.g., two OSPF routers) require substantially the same configuration to enable them to operate their IP-based protocols.

Page 13: IP Network Management

Management Information Base

The MIB is an ordered, structured view of all of the information in all networks, all at the same time. This is a pretty ambitious claim that is, in fact, true only within the global uniqueness of identifiers such as IP addresses and router identifiers. The secret to meeting this aim lies in the way that data values (or objects) are given unique object identifiers (OIDs) in a hierarchical and somewhat long-winded way.

Page 14: IP Network Management

Management Information Base

To illustrate this, consider the part of the OID tree shown. This shows the root of the tree and the branches down as far as some individual MIB modules. As can be seen, the MIB is broken into branches according to the standards-making body. Within the ISO branch, the American Department of

Page 15: IP Network Management

Management Information Base

Below these points in the OID tree come the individual MIB modules. An MIB module contains all of the configuration and reporting information for a single type of logical component. This may be a line card or router, as shown for Company X in Figure 2.2, or may be a component of a protocol such as an interface as managed by the Interfaces MIB (IF-MIB) module. In other words, MIB modules are defined to manage all instances of a single type of manageable entity.

Page 16: IP Network Management

MIB: Representing Managed Objects

The Structure of Management Information (SMI) describes a subset of the Abstract Syntax Notation One (ASN.1) that may be used to define MIB modules and to encode MIB objects when they are passed from one node to another in management requests. ASN.1 was devised by the Open Standards Organization (OSI) and provides a text-based macro language that may be used to define data structures in a form that is both intelligible to humans and machine readable. At the same time, ASN.1 also provides a set of rules, called the Basic Encoding Rules (BER), for encoding data when they are passed on the wire between network nodes.
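An added example, not part of the original slides, showing how BER turns a dotted OID into the bytes carried in a management request and back again. The function names are made up for this illustration, and only short-form lengths (up to 127 content octets) are handled.

```python
def encode_oid(dotted: str) -> bytes:
    """BER-encode an OBJECT IDENTIFIER (tag 0x06) from dotted notation."""
    arcs = [int(a) for a in dotted.strip(".").split(".")]
    if (len(arcs) < 2 or min(arcs) < 0 or arcs[0] > 2
            or (arcs[0] < 2 and arcs[1] > 39)):
        raise ValueError("invalid OID: " + dotted)
    # The first two arcs share one subidentifier: 40 * first + second.
    subids = [40 * arcs[0] + arcs[1]] + arcs[2:]
    body = bytearray()
    for sub in subids:
        # Base-128 groups, most significant first; high bit set on all but the last.
        groups = [sub & 0x7F]
        sub >>= 7
        while sub:
            groups.append((sub & 0x7F) | 0x80)
            sub >>= 7
        body.extend(reversed(groups))
    if len(body) > 127:
        raise ValueError("long-form lengths are not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(data: bytes) -> str:
    """Decode a short-form BER OBJECT IDENTIFIER, rejecting malformed input."""
    if len(data) < 3 or data[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    length = data[1]
    if length & 0x80 or length != len(data) - 2:
        raise ValueError("length octet does not match the content")
    subids, value, pending = [], 0, False
    for octet in data[2:]:
        if not pending and octet == 0x80:
            raise ValueError("subidentifier has a leading zero group")
        value = (value << 7) | (octet & 0x7F)
        pending = bool(octet & 0x80)
        if not pending:
            subids.append(value)
            value = 0
    if pending:
        raise ValueError("truncated subidentifier")
    first = min(subids[0] // 40, 2)
    arcs = [first, subids[0] - 40 * first] + subids[1:]
    return ".".join(str(a) for a in arcs)
```

The decoder checks the length octet and the continuation bits before trusting the content, which is where a BER parser facing untrusted management traffic needs to be strict.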

Page 17: IP Network Management

MIB: Representing Managed Objects

Page 18: IP Network Management

Simple Network Management Protocol (SNMP)

Once the management station and the managed devices have a common view of the management data (that is, MIB objects) all that remains is to provide a mechanism for the management station to create, write, read, and delete those objects.

This is achieved using the Simple Network Management Protocol (SNMP), which, like anything that calls itself “simple,” should be taken with a pinch of salt.

Page 19: IP Network Management

Simple Network Management Protocol (SNMP)

SNMP is a client-server protocol. Management agents connect to the managed devices and issue requests. Managed devices return responses.

The basic requests are very simple. They are GET and SET to read and write to an individual MIB object identified by its OID and, if the object is in a table, by the appropriate index values.

Index objects are read and write protected—there is no need to specifically read an index because it is always supplied in a GET request and returned in a GET response to give context to the read request, and clearly it would be a bad idea to allow the index of a row to be changed dynamically.

Some MIB modules also make some of their objects read-only so that the device may report information (such as statistics) without it being modifiable by an external component.

Page 20: IP Network Management

Simple Network Management Protocol (SNMP)

It would be hugely inefficient to manage the configuration of a remote device one object at a time, so SNMP allows multiple objects within a single MIB row to be read or written in a single request. That is, a single GET or SET command can operate on multiple objects within a single row.

The GET-BULK command allows a management station to read multiple rows from a table, improving the retrieval time when an entire table is being read. Similarly, the GET-NEXT request allows a management agent to “walk” the OID tree to find the next object in a MIB row, or more usually to navigate a MIB table (which may be sparsely populated) reading one row at a time.
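An added example, not part of the original slides, simulating how GET-NEXT navigates a sparsely populated table one row at a time. The two column OIDs are the IF-MIB ifDescr and ifInOctets columns; the agent data and function names are constructed for the illustration, and every column is assumed to hold the same set of rows.

```python
import bisect

IF_DESCR = (1, 3, 6, 1, 2, 1, 2, 2, 1, 2)        # IF-MIB ifDescr column
IF_IN_OCTETS = (1, 3, 6, 1, 2, 1, 2, 2, 1, 10)   # IF-MIB ifInOctets column

# Constructed agent data: a sparse interface table holding rows 1, 3 and 7 only.
AGENT_MIB = {
    IF_DESCR + (1,): "lo", IF_DESCR + (3,): "eth0", IF_DESCR + (7,): "tun0",
    IF_IN_OCTETS + (1,): 1200, IF_IN_OCTETS + (3,): 98765,
    IF_IN_OCTETS + (7,): 42,
    (1, 3, 6, 1, 2, 1, 4, 1, 0): 1,  # an object that lies after the table
}
SORTED_OIDS = sorted(AGENT_MIB)  # tuples sort in the OID tree's lexicographic order


def get_next(oid):
    """Agent side: return (oid, value) of the first object after `oid`, or None."""
    pos = bisect.bisect_right(SORTED_OIDS, oid)
    if pos == len(SORTED_OIDS):
        return None  # walked off the end of the agent's MIB
    nxt = SORTED_OIDS[pos]
    return nxt, AGENT_MIB[nxt]


def walk_table(columns):
    """Manager side: one GET-NEXT per row, carrying one OID per column."""
    rows, cursors = [], list(columns)
    while True:
        replies = [get_next(c) for c in cursors]  # models one multi-object request
        # Stop as soon as any reply has left its column or the MIB has ended.
        if any(r is None or r[0][:len(col)] != col
               for r, col in zip(replies, columns)):
            return rows
        index = replies[0][0][len(columns[0]):]
        rows.append((index, [value for _, value in replies]))
        cursors = [oid for oid, _ in replies]  # resume from the returned instances
```

The manager never needs to know which row indexes exist: each reply names the next instance, so the gaps at rows 2 and 4 to 6 are skipped without a failed request.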

Page 21: IP Network Management

Simple Network Management Protocol (SNMP)

Row creation and deletion are special functions that are handled using the SET command and not through their own special messages.

MIB rows contain a special writable object called the row status that is used to control the creation and deletion of the row.

When a management station creates a row for the first time, it writes the value create to the row status object—if the row already exists, the operation will be failed by the managed device.

If the row creation was successful, the management station goes on to write the other objects, and when the row is ready for use, it sets the row status to active. At this point, the configuration information is available and the device or component can be activated.

At any time the management station can move the row back into the not ready state by writing that value into the row status object. This effectively takes the row back into the state it was in as it was being created.

To delete the row, the row status is set to the value deleted and the managed device must stop the corresponding process or device and delete the corresponding information.
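An added example, not part of the original slides, modelling the row status lifecycle above together with the write protection of index and read-only objects described earlier. The class, the object names and the status strings (taken from the slide wording, not from a real MIB module's enumerated values) are assumptions of this sketch.

```python
class RowError(Exception):
    """Raised when the managed device fails a SET."""


class ManagedTable:
    """Toy agent-side table driven only by SET operations (constructed model)."""

    def __init__(self, read_only=()):
        self.rows = {}                  # row index -> {"status": str, "objects": dict}
        self.read_only = set(read_only)

    def set_status(self, index, value):
        row = self.rows.get(index)
        if value == "create":
            if row is not None:
                raise RowError("row already exists")
            # A new row starts in the state it can later be moved back to.
            self.rows[index] = {"status": "not ready", "objects": {}}
        elif row is None:
            raise RowError("no such row")
        elif value in ("active", "not ready"):
            row["status"] = value
        elif value == "deleted":
            del self.rows[index]        # device stops the component, drops its data
        else:
            raise RowError("bad row status value: %r" % (value,))

    def set_object(self, index, name, value):
        if name == "index":
            raise RowError("index objects are write protected")
        if name in self.read_only:
            raise RowError("%s is read-only" % name)
        if index not in self.rows:
            raise RowError("no such row")
        self.rows[index]["objects"][name] = value

    def status(self, index):
        return self.rows[index]["status"]


def provision(table, index, objects):
    """Manager side: create the row, write its objects, then activate it."""
    table.set_status(index, "create")
    for name, value in objects.items():
        table.set_object(index, name, value)
    table.set_status(index, "active")
    return table.status(index)
```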

Page 22: IP Network Management

Simple Network Management Protocol (SNMP)

A final SNMP message called a TRAP (sometimes known as a notification) may be issued by the managed device to report a specific event (e.g., the crossing of a threshold).